8a107f791399f67bcf2ec8f21d5498db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a107f791399f67bcf2ec8f21d5498db_JaffaCakes118
Size

16KB
MD5

8a107f791399f67bcf2ec8f21d5498db
SHA1

aaf466f70c6e5779b55ed3f3a25e275db7a3a03c
SHA256

7ed81188eafeb83cecea06b3dc3db90b3e9a83f9e94debea2d45cdbfc0383590
SHA512

caf8edda0195f5805d6353877bbfc71560b7cf202394ded7a60c5a6f0ca487e3c456e6ff6eee05fcdd0ee431459bf3790a7508271bb1f7055cf26c8e38a7e79e
SSDEEP

192:62G3ASrv8BT0V+wBL+MVlOuLeMlJQmBrj9PQikzVVd3mjkmY/9TRRgfka:M3XgT0VvBvzOMzQw9IiiVVd2jiTLEk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a107f791399f67bcf2ec8f21d5498db_JaffaCakes118

Files

8a107f791399f67bcf2ec8f21d5498db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

490342377f61eacc69d9d29e77f011b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
VirtualProtect
lstrlenA
LoadLibraryExA
HeapCreate
InterlockedExchange
GetUserDefaultLangID
WaitForSingleObject
GetAtomNameA
GlobalUnlock
GetCommandLineA
SetLastError
GlobalSize
GetConsoleDisplayMode
WaitForMultipleObjects
ResumeThread
CompareFileTime
HeapReAlloc
GetModuleHandleA
GetTickCount
GetConsoleCP

user32

GetTitleBarInfo
DragDetect
GetWindow
EndPaint
ReleaseDC
AnyPopup
DrawTextA
wsprintfA
GetCursorPos
CreateIcon
GetDC
BeginPaint
SetForegroundWindow
GetClassNameA
GetFocus
ShowWindow
FrameRect
GetParent
FillRect

rastapi

AddPorts
DeviceDone
DeviceConnect
PortClose
DeviceListen

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ